Banking

Bank Negara fines Bank Rakyat RM1mil for cybersecurity, customer information protection breaches

KUALA LUMPUR: Bank Negara Malaysia (BNM) has imposed an administrative monetary penalty (AMP) of RM1 million on Bank Kerjasama Rakyat Malaysia Bhd (Bank Rakyat) for cybersecurity and customer information protection breaches on Jan 20, 2026.

The central bank said Bank Rakyat failed to implement robust cybersecurity standards as required under the risk management in technology policy document (RMiT PD).

It said Bank Rakyat also failed to safeguard customer information through adequate controls as required under the management of customer information and permitted disclosures policy document (MCIPD PD).

"BNM discovered that Bank Rakyat had breached several requirements under the RMiT PD and MCIPD PD following a cybersecurity incident in which an external threat actor gained unauthorised access to its information technology (IT) infrastructure.

"These breaches were attributed to inadequate cybersecurity controls and incident response,” it said on its website.

BNM said Bank Rakyat has taken remedial measures to strengthen its cybersecurity and information and communication technology (ICT) controls, resources and governance arrangements.

In deciding the AMP to be imposed, relevant aggravating and mitigating factors have been considered, the central bank said.

"These include the severity of the breaches and Bank Rakyat’s lack of reasonable care in ensuring compliance with the RMiT PD and MCIPD PD requirements; current controls to ensure compliance with the requirements; past compliance record; and post-misconduct behaviour and the effectiveness of remedial actions to prevent the recurrence of non-compliances,” it said.

Bank Rakyat paid RM1 million for the AMP on Jan 26, 2026.

BNM said it requires all financial institutions (FIs) to comply with the RMiT PD and MCIPD PD.

"BNM will not hesitate to take appropriate supervisory and enforcement actions should any FI fail to meet legal and/or regulatory requirements.

"The enforcement action taken against Bank Rakyat is in line with the approach and processes outlined in BNM’s published Enforcement Approach,” said the central bank. - Bernama

Follow us on our official WhatsApp channel for breaking news alerts and key updates!
BNM , Bank Negara , monetary penalty , Bank Kerjasama Rakyat Malaysia , cybersecurity breaches , risk management

Next In Business News
Salcon wins RM80mil water infrastructure contract
Ringgit ends higher on renewed optimism on de-escalation of US-Iran war
Exsim Hospitality wins RM42mil M&E job
NCT Alliance appoints Ong Chou Wen as CEO
PETRONAS works with authorities to boost output, secure supply
MGB bags RM200.74mil centralised labour quarters job
Malaysia’s banks remain resilient, ready to support customers amid global uncertainties
Bursa Malaysia surges as Middle East tensions show signs of easing
Zecon appoints Mohamad Morshidi as chairman
Airwallex secures regulatory approval to expand payment services in Malaysia

Trending in Business

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.